OTL Logfile: Code:
OTL logfile created on: 06.02.2012 17:19:55 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mathias\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,02% Memory free
4,25 Gb Paging File | 3,12 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 112,69 Gb Total Space | 21,32 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive D: | 112,39 Gb Total Space | 46,71 Gb Free Space | 41,56% Space Free | Partition Type: NTFS
Drive F: | 5,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 7,64 Gb Total Space | 1,17 Gb Free Space | 15,28% Space Free | Partition Type: FAT32
Computer Name: MATHIAS-PC | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Mathias\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Update\1.3.21.99\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\3DataManager\WTGService.exe ()
PRC - C:\Program Files\3DataManager\3DataManager.exe (WebToGo Mobile Internet GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\3DataManager\bmctl.exe (Bytemobile, Inc.)
PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Unlocker\UnlockerCOM.dll ()
MOD - C:\Program Files\3DataManager\H3GA_WTGSMSPCClientGer.dll ()
MOD - C:\Program Files\3DataManager\H3GA_OneClickAssistantGer.dll ()
MOD - C:\Program Files\3DataManager\WtgDriverInstallX.dll ()
MOD - C:\Program Files\3DataManager\WTGSMSPCClient.dll ()
MOD - C:\Program Files\3DataManager\WtgCore.dll ()
MOD - C:\Program Files\3DataManager\WtgDriverInstall.dll ()
MOD - C:\Program Files\3DataManager\WtgBluetooth.dll ()
MOD - C:\Program Files\3DataManager\WtgDialup.dll ()
MOD - C:\Program Files\3DataManager\WtgDetection.dll ()
MOD - C:\Program Files\3DataManager\WtgDatabase.dll ()
MOD - C:\Program Files\3DataManager\WtgPorts.dll ()
MOD - C:\Program Files\3DataManager\WtgUtil.dll ()
MOD - C:\Program Files\3DataManager\WTGDebugs.dll ()
========== Win32 Services (SafeList) ==========
SRV - (iPod Service) -- File not found
SRV - (CLTNetCnService) -- File not found
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBUpdate) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (WTGService) -- C:\Program Files\3DataManager\WTGService.exe ()
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ZTEusbser6k) -- C:\Windows\System32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\Windows\System32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\Windows\System32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hwusbfake) -- C:\Windows\System32\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS ()
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Program Files\Acer Arcade Live\Acer PlayMovie\000.fcl (Cyberlink Corp.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKLM\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.13.184
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: codiprog@fbplus.plugin:1.5
FF - prefs.js..extensions.enabledItems: {E84D42CA-64EB-11DE-A65F-8C3656D89593}:3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://www.sicto.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=3kQFs3eO&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.live.com/results.aspx?mkt=de-AT&FORM=MIC8E5&q="
FF - user.js..browser.search.selectedEngine: "Search"
FF - user.js..keyword.URL: "hxxp://www.sicto.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=3kQFs3eO&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\3-addons\addon [2010.09.15 01:14:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.10.29 11:26:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.12 19:01:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.06 17:16:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.06 17:16:07 | 000,000,000 | ---D | M]
[2011.12.17 07:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Extensions
[2009.05.29 16:48:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.02.06 14:26:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\mw7gam1n.default\extensions
[2012.01.11 18:59:55 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Mathias\AppData\Roaming\mozilla\Firefox\Profiles\mw7gam1n.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.08.16 09:08:20 | 000,000,931 | ---- | M] () -- C:\Users\Mathias\AppData\Roaming\Mozilla\Firefox\Profiles\mw7gam1n.default\searchplugins\conduit.xml
[2012.01.04 23:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.10.29 20:26:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.11.21 12:26:13 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de
[2011.10.29 11:26:16 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012.01.04 23:01:31 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.06 22:59:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.19 14:38:17 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.10.06 22:59:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.06 22:59:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.06 22:59:31 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.16 09:51:55 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2011.10.06 22:59:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.06 22:59:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Mathias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
O2 - BHO: (WebSpeechBHO Class) - {83A30C59-3A50-49E6-9DAF-4923C4EA3C23} - C:\Program Files\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O2 - BHO: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0388BA0C-C7F1-4E6A-BD7A-B59623F33363} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 2010\UIWatcher.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O9 - Extra Button: WebSpeech - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Program Files\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra 'Tools' menuitem : Seite/Markierung vorlesen (WebSpeech) - {1CE4DE72-7FCC-4eb8-8F66-AE6A56A0A54D} - C:\Program Files\Common Files\WebSpeech.4.0\LgxIEBar.dll (G DATA Software AG)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{59BE314F-DB6E-4667-AD4E-D54436E77B94}: NameServer = 213.94.78.17 213.94.78.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6BD94DC-1049-4C17-88CA-1A95E28EE6A7}: NameServer = 213.94.78.16 213.94.78.17
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mathias\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mathias\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2007.06.28 14:21:08 | 000,000,277 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{007e8e9c-de4e-11dc-b726-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{007e8e9c-de4e-11dc-b726-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{038c501d-8e25-11df-94be-fee8bd1c9662}\Shell - "" = AutoRun
O33 - MountPoints2\{038c501d-8e25-11df-94be-fee8bd1c9662}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{038c5027-8e25-11df-94be-cef161e277b6}\Shell - "" = AutoRun
O33 - MountPoints2\{038c5027-8e25-11df-94be-cef161e277b6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{054d7348-97c3-11df-b2dd-d89c6a6be0b8}\Shell - "" = AutoRun
O33 - MountPoints2\{054d7348-97c3-11df-b2dd-d89c6a6be0b8}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{09e165ad-42e5-11dd-9ef8-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{09e165ad-42e5-11dd-9ef8-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{09e1675e-42e5-11dd-9ef8-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{09e1675e-42e5-11dd-9ef8-001c253c60aa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{185f4386-c05f-11df-8dde-bf965a5e2885}\Shell - "" = AutoRun
O33 - MountPoints2\{185f4386-c05f-11df-8dde-bf965a5e2885}\Shell\AutoRun\command - "" = L:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{185f43bc-c05f-11df-8dde-f389d6e8203d}\Shell - "" = AutoRun
O33 - MountPoints2\{185f43bc-c05f-11df-8dde-f389d6e8203d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{185f43c6-c05f-11df-8dde-f389d6e8203d}\Shell - "" = AutoRun
O33 - MountPoints2\{185f43c6-c05f-11df-8dde-f389d6e8203d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{27190c50-70b8-11df-b33a-c2454cad8f64}\Shell - "" = AutoRun
O33 - MountPoints2\{27190c50-70b8-11df-b33a-c2454cad8f64}\Shell\AutoRun\command - "" = K:\LiteAuto.exe
O33 - MountPoints2\{3fff55d1-d6a5-11dd-92fa-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{3fff55d1-d6a5-11dd-92fa-001c253c60aa}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- [2007.08.29 12:29:54 | 001,131,832 | R--- | M] ()
O33 - MountPoints2\{412d53f7-de8f-11df-80a4-eb121e2db78e}\Shell - "" = AutoRun
O33 - MountPoints2\{412d53f7-de8f-11df-80a4-eb121e2db78e}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{681ab221-4392-11dd-834d-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{681ab221-4392-11dd-834d-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{681ab283-4392-11dd-834d-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{681ab283-4392-11dd-834d-001c253c60aa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{681ab2be-4392-11dd-834d-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{681ab2be-4392-11dd-834d-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{681ab2e4-4392-11dd-834d-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{681ab2e4-4392-11dd-834d-001c253c60aa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7a3cb81f-d0e3-11dc-b026-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{7a3cb81f-d0e3-11dc-b026-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{8814bd81-4924-11dd-9851-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{8814bd81-4924-11dd-9851-001c253c60aa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8814bda2-4924-11dd-9851-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{8814bda2-4924-11dd-9851-001c253c60aa}\Shell\AutoRun\command - "" = K:\AutoRun.exe
O33 - MountPoints2\{90564adb-c223-11df-bbd4-f66f07c11859}\Shell - "" = AutoRun
O33 - MountPoints2\{90564adb-c223-11df-bbd4-f66f07c11859}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9ba37098-4b4e-11dd-aa3a-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{9ba37098-4b4e-11dd-aa3a-001c253c60aa}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a053985d-d329-11dc-93b3-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{a053985d-d329-11dc-93b3-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{a275f448-c151-11df-8e92-c161453f84d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a275f448-c151-11df-8e92-c161453f84d0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ac365a6a-9194-11df-a525-c59eaa9f350d}\Shell - "" = AutoRun
O33 - MountPoints2\{ac365a6a-9194-11df-a525-c59eaa9f350d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{ac365a72-9194-11df-a525-b5bbc2b8d827}\Shell - "" = AutoRun
O33 - MountPoints2\{ac365a72-9194-11df-a525-b5bbc2b8d827}\Shell\AutoRun\command - "" = L:\AutoRun.exe
O33 - MountPoints2\{c17a6de7-0927-11e0-b747-fecb77f11683}\Shell - "" = AutoRun
O33 - MountPoints2\{c17a6de7-0927-11e0-b747-fecb77f11683}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c870ff67-d4b7-11dc-9e55-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{c870ff67-d4b7-11dc-9e55-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{c870ff69-d4b7-11dc-9e55-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{c870ff69-d4b7-11dc-9e55-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{c8e08fb4-d333-11dc-981b-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{c8e08fb4-d333-11dc-981b-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{cd1170a0-d0d9-11dc-8da4-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{cd1170a0-d0d9-11dc-8da4-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{db4856a0-2562-11e0-afd3-b85fdb90c4af}\Shell - "" = AutoRun
O33 - MountPoints2\{db4856a0-2562-11e0-afd3-b85fdb90c4af}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{db4856a8-2562-11e0-afd3-b85fdb90c4af}\Shell - "" = AutoRun
O33 - MountPoints2\{db4856a8-2562-11e0-afd3-b85fdb90c4af}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{db4856e7-2562-11e0-afd3-b85fdb90c4af}\Shell - "" = AutoRun
O33 - MountPoints2\{db4856e7-2562-11e0-afd3-b85fdb90c4af}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e3c2ce9a-45e5-11dd-9c2c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e3c2ce9a-45e5-11dd-9c2c-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e459ffd0-b0df-11df-b1c8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e459ffd0-b0df-11df-b1c8-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{f7cc0edf-ba60-11de-a5ed-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{f7cc0edf-ba60-11de-a5ed-001c253c60aa}\Shell\AutoRun\command - "" = F:\Install.exe
O33 - MountPoints2\{fa170abd-b0ea-11df-b575-e82d304f3a8b}\Shell - "" = AutoRun
O33 - MountPoints2\{fa170abd-b0ea-11df-b575-e82d304f3a8b}\Shell\AutoRun\command - "" = G:\.\Autorun.exe AUTORUN=1
O33 - MountPoints2\{fc0d5f79-e61f-11dc-a818-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc0d5f79-e61f-11dc-a818-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\{fc0d5f7b-e61f-11dc-a818-001c253c60aa}\Shell - "" = AutoRun
O33 - MountPoints2\{fc0d5f7b-e61f-11dc-a818-001c253c60aa}\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = LiteAuto.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.06 17:19:20 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.exe
[2012.02.06 14:02:36 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\system check
[2012.02.06 13:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.06 13:11:44 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.06 13:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.06 02:41:22 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Roaming\Malwarebytes
[2012.02.06 02:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.27 16:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.01.27 16:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012.01.27 15:58:29 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012.01.27 15:58:29 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012.01.27 15:58:27 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012.01.27 15:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\RailSimulator.com
[2012.01.27 15:12:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2012.01.27 15:00:20 | 000,000,000 | ---D | C] -- C:\Users\Mathias\AppData\Roaming\DAEMON Tools Lite
[2012.01.27 15:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.01.11 17:12:06 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 17:12:06 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.11 17:12:00 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.01.11 17:11:57 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 17:11:51 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2009.09.05 13:52:00 | 000,155,648 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2009.09.05 13:52:00 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2009.09.05 13:52:00 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2009.09.05 13:52:00 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2008.02.01 11:15:16 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[23 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.02.06 17:25:00 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ACCB2B73-7376-4D85-961A-F9F10035963C}.job
[2012.02.06 17:22:28 | 010,682,270 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.06 17:22:27 | 033,002,562 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.06 17:22:27 | 009,767,808 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.06 17:22:25 | 010,691,444 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.06 17:22:00 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3878B4AC-7B06-48BA-ABB8-506B25B244BF}.job
[2012.02.06 16:50:37 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 16:50:36 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 16:50:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.06 16:50:16 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.02.06 16:50:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.06 16:45:09 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.06 16:30:28 | 000,106,496 | ---- | M] () -- C:\Users\Mathias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.06 13:49:01 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.02.06 13:11:49 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.06 01:23:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Mathias\Desktop\OTL.exe
[2012.02.05 22:58:32 | 000,000,456 | ---- | M] () -- C:\ProgramData\iBo3rsBV5BPdeD
[2012.02.05 22:56:51 | 000,000,304 | ---- | M] () -- C:\ProgramData\~iBo3rsBV5BPdeD
[2012.02.05 22:55:08 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.02.05 22:42:53 | 000,000,192 | ---- | M] () -- C:\ProgramData\~iBo3rsBV5BPdeDr
[2012.01.27 16:05:29 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.01.27 00:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012.01.26 06:34:59 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.01.09 21:36:18 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[23 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.02.06 13:11:49 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.06 02:07:34 | 000,002,337 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.02.06 02:07:34 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.02.06 02:07:34 | 000,001,975 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.02.06 02:07:34 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon 3.lnk
[2012.02.06 02:07:34 | 000,001,902 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims 2.lnk
[2012.02.06 02:07:34 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2012.02.06 02:07:34 | 000,001,772 | ---- | C] () -- C:\Users\Public\Desktop\3DataManager.lnk
[2012.02.06 02:07:34 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.02.06 02:07:34 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Photoshop Elements 8.0.lnk
[2012.02.06 02:07:34 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012.02.06 02:07:29 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2012.02.06 02:07:29 | 000,001,565 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Mail.lnk
[2012.02.06 02:07:28 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
[2012.02.06 02:07:28 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2012.02.06 02:07:28 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.02.06 02:07:28 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2012.02.06 02:07:28 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.02.06 02:07:28 | 000,001,799 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
[2012.02.06 02:07:28 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2012.02.06 02:07:28 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2012.02.06 02:07:28 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2012.02.06 02:07:28 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012.02.06 02:07:28 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2012.02.06 02:07:28 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.02.06 02:07:28 | 000,001,625 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 for Windows.lnk
[2012.02.06 02:07:28 | 000,001,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 8.0.lnk
[2012.02.06 02:07:28 | 000,001,056 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk
[2012.02.06 02:07:28 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.02.06 02:07:28 | 000,000,730 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.02.05 22:55:08 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.02.05 22:42:53 | 000,000,304 | ---- | C] () -- C:\ProgramData\~iBo3rsBV5BPdeD
[2012.02.05 22:42:53 | 000,000,192 | ---- | C] () -- C:\ProgramData\~iBo3rsBV5BPdeDr
[2012.02.05 22:42:46 | 000,000,456 | ---- | C] () -- C:\ProgramData\iBo3rsBV5BPdeD
[2011.11.26 12:11:41 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.11.17 09:11:49 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011.07.01 00:18:46 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.05.03 17:01:28 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.03.17 13:38:01 | 000,000,158 | ---- | C] () -- C:\Windows\TSDataEx.ini
[2011.03.17 13:34:57 | 000,000,000 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\FileOut.cns
[2011.03.17 13:34:57 | 000,000,000 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\FileIn.cns
[2010.10.05 22:52:17 | 000,000,012 | ---- | C] () -- C:\Windows\System32\language.ini
[2010.09.26 16:21:25 | 000,000,049 | ---- | C] () -- C:\Windows\cdplayer.ini
[2010.06.12 18:36:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.06.12 18:36:51 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.04.03 13:57:41 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010.03.22 18:09:10 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009.09.29 15:51:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.09.29 15:51:13 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.05 13:52:04 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2009.09.05 13:52:02 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2009.09.05 13:52:02 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2009.09.05 13:52:01 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2009.08.07 00:04:37 | 000,000,095 | ---- | C] () -- C:\Users\Mathias\AppData\Local\fusioncache.dat
[2009.06.16 19:09:50 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.19 21:05:54 | 000,455,503 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\NMM-MetaData.db
[2008.09.18 16:12:53 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.24 16:51:25 | 000,000,751 | ---- | C] () -- C:\Windows\Bti.ini
[2008.06.25 20:22:53 | 000,000,268 | R--- | C] () -- C:\ProgramData\Dictionaries
[2008.06.25 20:22:53 | 000,000,268 | R--- | C] () -- C:\Users\Mathias\AppData\Roaming\Desktop Pictures
[2008.06.25 20:22:53 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2008.06.25 20:22:53 | 000,000,012 | R--- | C] () -- C:\ProgramData\Distortion
[2008.05.22 15:47:19 | 000,000,053 | ---- | C] () -- C:\Windows\3dtrack.INI
[2008.05.22 15:45:50 | 000,002,840 | ---- | C] () -- C:\Windows\Track.INI
[2008.04.12 12:42:57 | 000,036,074 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008.03.12 21:49:18 | 000,000,355 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008.02.09 20:03:33 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2008.02.09 18:11:19 | 000,000,950 | ---- | C] () -- C:\Windows\eReg.dat
[2008.02.01 18:25:38 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008.02.01 18:21:00 | 000,008,864 | ---- | C] () -- C:\Windows\System32\drivers\CDAC15BA.SYS
[2008.02.01 17:45:29 | 000,005,032 | ---- | C] () -- C:\Users\Mathias\AppData\Roaming\wklnhst.dat
[2008.02.01 12:48:16 | 000,106,496 | ---- | C] () -- C:\Users\Mathias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.01 11:16:16 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008.02.01 11:16:15 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008.02.01 11:15:16 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.02.01 10:20:37 | 000,008,268 | ---- | C] () -- C:\Users\Mathias\AppData\Local\d3d9caps.dat
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.05.07 09:41:16 | 000,001,024 | R--- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2007.05.07 08:22:38 | 000,000,834 | ---- | C] () -- C:\Windows\generic.ini
[2007.05.07 08:22:38 | 000,000,130 | ---- | C] () -- C:\Windows\Alaunch.ini
[2007.05.07 08:22:34 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.05.07 08:22:34 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.05.07 08:22:34 | 000,143,676 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 16:33:31 | 033,002,562 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 010,691,444 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,356,024 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 010,682,270 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 009,767,808 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2001.12.26 14:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 21:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 14:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 20:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
--- --- ---
--- --- ---
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 06.02.2012 17:19:55 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Mathias\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,02% Memory free
4,25 Gb Paging File | 3,12 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 112,69 Gb Total Space | 21,32 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
Drive D: | 112,39 Gb Total Space | 46,71 Gb Free Space | 41,56% Space Free | Partition Type: NTFS
Drive F: | 5,57 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive L: | 7,64 Gb Total Space | 1,17 Gb Free Space | 15,28% Space Free | Partition Type: FAT32
Computer Name: MATHIAS-PC | User Name: Mathias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"AntiVirusOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1723684492-1119337897-2682288371-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" = C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" = C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
"C:\Program Files\Mozilla Firefox\update.exe" = C:\Program Files\Mozilla Firefox\update.exe:*:Enabled:ldrsoft
"" = :*:Enabled:ldrsoft
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E6786B0-E88E-4669-9381-F40544316F6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{317EED68-3952-480D-ABAF-5673C357FBBF}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00901846-18DB-4384-8B5D-128236A5A47F}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{0CA65C21-C832-4758-843F-19044F17892D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0CB34526-D54B-4893-B843-98FC796F3991}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0CD31391-E5E9-45FC-9DAC-22C2F57C9751}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F76EBAD-41C6-46FB-BC4D-55683E5FEC2B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F9161CD-A55C-4567-9A16-85ACC4851570}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F9A1FFB-D6AD-4FDC-8568-FD1FFCF3AE8D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0FD129D8-E12E-4F92-92F5-B1313DCF0A5C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{12893BC6-768E-456E-AF5D-789E9FD89E85}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{14474163-F976-4417-A929-6ED79991A1AF}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{17C04A19-611D-4EDF-BAFD-E70017DA7989}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1B3EF32F-A8B1-4AB8-A172-99653593324D}" = protocol=6 | dir=in | app=c:\program files\sony\media manager for walkman\mediamanager.exe |
"{203A4DFC-CC9E-4127-BC08-EE258F81295F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{245EFA32-2FB3-45B4-BBA6-22977DA6B9D7}" = dir=in | app=c:\program files\acer arcade live\slideshow dvd\component\clsldvd.exe |
"{24817410-2DD9-4004-B435-C899A4D6F526}" = dir=in | app=c:\program files\acer arcade live\acer playmovie\playmovie.exe |
"{2816AA20-B235-49E9-91EA-558E5E385E03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{285E08A3-92B2-48F5-8BDC-A3EDC518C54D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A8F5F02-7F77-4A81-8552-A4C7FB7D30E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{368C9C21-E9BE-475D-AF45-27B410C77590}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3788A14F-2BFF-4781-8AEF-F45FD2807889}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E491FF3-96FD-4F56-A736-10FDC25A6D6C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E950545-AE4D-48B0-93EE-FD645616637A}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{401DCC44-0472-4D02-AC29-0D37AD80CF29}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\homemedia connect.exe |
"{58918602-00A9-4972-80C9-083465CA83D8}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5AA8B5C7-05C0-4D4C-9D9A-12202CF66530}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{610D4256-FBF6-4239-BD64-20FDFE1F9691}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{6307F449-05C4-4738-BF6B-FD7B228A1DEE}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\dvdivine.exe |
"{63DA1678-8DA9-4218-8907-D247CFA23CAF}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{699B9900-F72E-482E-BCBC-C5FCCC8FD04F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6D5501BB-FAC2-4083-B55E-96CCB34F9133}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6E0C9577-4EE2-4660-A4EC-DF3014EE8E8A}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{77A26F11-D97B-42DC-A351-FA744D67BD21}" = protocol=6 | dir=in | app=c:\users\mathias\music\limewire\limewire.exe |
"{7C135A64-5037-4076-9A41-714E515FA330}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8EE9ACFC-C350-4B58-A5DD-E8D2F9C72129}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9126E073-9C9C-4DEE-9274-DD572F147819}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\component\arawp.exe |
"{9207EBD7-94C5-40B7-8717-51C185650878}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{943BC599-F756-43DC-ADBA-96AAC9BD51CD}" = dir=in | app=c:\program files\acer arcade live\acer playmovie\pmvservice.exe |
"{964E3E73-5BF5-4C36-8C24-32C59E7584D1}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\homemedia.exe |
"{9B2DE5D0-0D7C-45A5-9E49-A18141B64587}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\videomagician.exe |
"{A3B091FC-9D54-4D15-B12C-738ACEE4ED3F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6B28209-5CD5-4263-8066-8CCA5622D805}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{A9E3BE7F-B234-4F60-BEB7-A17755535E8B}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AC80CDBF-7E91-4D22-AE24-8F6C5CB20CED}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{BC826F75-5321-4C1C-990D-68192B5733EA}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{BF447880-3399-4DA7-A2EF-4123833FB174}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C046FF61-84AC-42C6-98AB-CB1F52D94E95}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{C92A53AB-085F-41EB-9CCE-BD270B43073F}" = protocol=17 | dir=in | app=c:\program files\sony\media manager for walkman\mediamanager.exe |
"{CB691722-B74E-4C58-A6CE-83732992AC40}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB993806-6468-4516-BDDE-A76ECFB6B32B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DB044A76-CA54-4C8C-86B6-5FEC60D5ADEA}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{DE7A4B05-F291-47FB-8057-4E80104C3F2C}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{E676AD52-911A-4D37-913A-AF7EE3EEDCFC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E7E07E95-D982-4EF5-A701-8ECCFD81B7E0}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E906F03E-1F1C-4F9A-9806-EC76D4122009}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{F0429F00-CC5D-4CB5-A7E2-D7C6DD72D2F0}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\component\dvax2process.exe |
"{F6D0CE5C-4887-4C1F-BEFC-60986305A184}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9B99C37-7D1E-4DD5-B458-1B67098CA151}" = protocol=17 | dir=in | app=c:\users\mathias\music\limewire\limewire.exe |
"{FD45E6C6-7F98-4211-8AEC-A0C540E75E83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{20F12E8E-4A89-42F3-89B3-BA9D89166C40}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{2915F6A5-DF25-4CA7-935C-A27995601D04}C:\users\mathias\appdata\local\mediaget2\mediaget.exe" = protocol=6 | dir=in | app=c:\users\mathias\appdata\local\mediaget2\mediaget.exe |
"TCP Query User{562D6F31-1E49-4363-B753-87095AD1975B}C:\users\mathias\appdata\local\temp\rarsfx1\hl.exe" = protocol=6 | dir=in | app=c:\users\mathias\appdata\local\temp\rarsfx1\hl.exe |
"TCP Query User{6328E34C-1C93-4832-AA8B-269BD5EA8319}C:\program files\bearflix\bearflix.exe" = protocol=6 | dir=in | app=c:\program files\bearflix\bearflix.exe |
"TCP Query User{78F34482-2F41-42D6-B194-102CFE3A6EEF}C:\program files\hasbro interactive\rollercoaster tycoon demo\rct.exe" = protocol=6 | dir=in | app=c:\program files\hasbro interactive\rollercoaster tycoon demo\rct.exe |
"TCP Query User{93069BB7-AF2B-4BB8-85E8-B2FE1C7FAA73}C:\program files\edonkey2000\edonkey2000.exe" = protocol=6 | dir=in | app=c:\program files\edonkey2000\edonkey2000.exe |
"TCP Query User{9C083F7E-EFEF-4F0E-9A56-1001250B4F1C}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{9D4B4D00-2E3D-4749-B4B4-4D808EF7BF6B}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{A0747A12-BE21-4AD9-8970-6B961B7197E9}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{D4804D79-3D33-4C3E-B754-B88EEECB9800}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{E2C6A21A-1389-473A-8D36-C16DEB43DFBF}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{EE79ED53-CDD6-409D-8640-3C7BDDB9A60D}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{F065099C-3875-4B7C-A37F-B02B8E579906}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{049C8085-A5C2-42E7-87EE-37051466EC38}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{1C4FE8C8-CB32-4C3D-8160-33372373B4CE}C:\program files\hasbro interactive\rollercoaster tycoon demo\rct.exe" = protocol=17 | dir=in | app=c:\program files\hasbro interactive\rollercoaster tycoon demo\rct.exe |
"UDP Query User{3183255B-758B-4D07-886E-274FDCB1E82D}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3DB92F30-1FDC-48DD-A5D2-7E25CF2D5323}C:\program files\bearflix\bearflix.exe" = protocol=17 | dir=in | app=c:\program files\bearflix\bearflix.exe |
"UDP Query User{4965D930-7F4F-426B-BE59-378967EEC820}C:\users\mathias\appdata\local\temp\rarsfx1\hl.exe" = protocol=17 | dir=in | app=c:\users\mathias\appdata\local\temp\rarsfx1\hl.exe |
"UDP Query User{6C045AC9-9CA2-45E4-A471-C4D865C4C5FF}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{71826DE5-2939-4818-94A4-4FE2F5C60E70}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{77311670-A658-416D-885C-81BFC2713815}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{8BB755E5-59F7-4C6B-9B71-AB385EFE2322}C:\users\mathias\appdata\local\mediaget2\mediaget.exe" = protocol=17 | dir=in | app=c:\users\mathias\appdata\local\mediaget2\mediaget.exe |
"UDP Query User{9EB46821-591A-4AE3-B046-F6240F4D88FC}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{ABD3D440-956B-42C7-A246-A7E96F23B12A}C:\program files\edonkey2000\edonkey2000.exe" = protocol=17 | dir=in | app=c:\program files\edonkey2000\edonkey2000.exe |
"UDP Query User{DC76747E-8DBD-4F71-BD82-C9798D59BE3D}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{ED6DEAF9-3DCA-493E-A645-D5D45EE2B7E6}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AA3AF26-2FA7-4719-9A97-664CD6D332F6}" = Magic Lernprogramm
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C12B0B2-91FB-439A-A64D-1A239F0B7FAB}" = Die ersten 10 Jahre
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20F1FFAF-1BFF-450C-A8C7-03D1BE24B950}" = Microsoft .NET Framework (German)
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 29
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{315393A0-F849-41EE-86EB-BC577C2B3561}" = MAGIX PC Check & Tuning Free
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B2B78EC-5111-4C0E-A955-0D84BBA49740}" = Animation Shop 3 Try And Buy
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{681734DF-28F0-4842-855C-91CCE610FA67}" = Aerosoft's - Strassenbahn Berlin-Koepenick
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Systemsteuerung "MobileMe"
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A450831D-25F6-4F42-9662-D000B25E0D82}" = Acer PlayMovie
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A908524F-7045-402C-BEC5-C387A3B739CD}" = MAGIX Screenshare
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = T-Mobile Internet Manager
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E3A64E20-EDA4-4B93-9176-FD3B4C7B085F}" = TransportGigant: Down Under
"{E728E952-DD4F-4BCD-A5C8-40FBFEFF91FE}" = OpenOffice.org Installer 1.0
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Hama Webcam AC-150
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37E7087-2309-49CD-914F-9000CD95ED26}_is1" = Steig auf! 3.0
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"0900Warner" = 0900 Warner 3.50
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem (02/15/2007 3.1)
"3DataManager" = 3DataManager
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ashampoo UnInstaller 2010_is1" = Ashampoo UnInstaller 2010
"ATI Uninstaller" = ATI Uninstaller
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem (02/15/2007 3.1)
"Canon MP210 series Benutzerregistrierung" = Canon MP210 series Benutzerregistrierung
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows-Treiberpaket - Nokia Modem (05/24/2007 6.84.0.1)
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Magic Set Editor 2_is1" = Magic Set Editor 2 - 0.3.7 beta
"MAGIX_MSI_PC_Check_Tuning_2010_Free" = MAGIX PC Check & Tuning Free
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework Full v1.0.3705 (1031)" = Microsoft .NET Framework (German) v1.0.3705
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PhotoScape" = PhotoScape
"ProTrain 2.1 2.1" = ProTrain 2.1 2.1
"ProTrain Rheintal 1.0" = ProTrain Rheintal 1.0
"RealPlayer 12.0" = RealPlayer
"Train Simulator 1.0" = Microsoft Train Simulator
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"Yahoo! Internet Mail" = Yahoo! Internet Mail
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Techno Design IP Notify" = LiveSearch Notification Tool
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
--- --- --- |
